I will have to talk with the Java guys here about the Mina SSHD patch. I
think they redid the same correction.

I agree that this is somewhat of a kludge. We have to work with old
versions of our software (both embedded and java/pc-based), so this looked
like the right solution.

I have been mislead by Openssh's sftp client working correctly. So I
(finally) took a look into the Openssh sftp client code. It goes fatal()
when it receives more data than requested, but since it always asks for
32768 bytes it works correctly with old versions of Mina SSHD. Maybe that
would be the correct solution in our case.

Should I submit a patch that aborts when the received size is longer than
requested?